From 897c50013ee9cc04b16e0dbf36039c15d24b2d27 Mon Sep 17 00:00:00 2001
From: Renaud Fivet <renaud.fivet@gmail.com>
Date: Sun, 29 Sep 2013 16:56:13 +0800
Subject: [PATCH] Fix crash when "insert-string $HOME", missing length check
 when copying environment variables.

---
 exec.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/exec.c b/exec.c
index ddda97c..44a2e9f 100644
--- a/exec.c
+++ b/exec.c
@@ -294,7 +294,8 @@ int nextarg(const char *prompt, char *buffer, int size, int terminator)
 	execstr = token(execstr, buffer, size);
 
 	/* evaluate it */
-	strcpy(buffer, getval(buffer));
+	strncpy( buffer, getval( buffer), size - 1) ;
+	buffer[ size - 1] = '\0' ;
 	return TRUE;
 }